Privacy Transformation - Issue 181
PRIVACY
Czech Presidency hones in on platform workers’ personal data protection
A new, third compromise text from the Czech Presidency of the EU Council on the platform workers' directive further emphasises the importance of algorithmic management and workers' personal data protection.
New legislation will make it easier for Wexford authorities to catch those dumping illegally
Legislation which will allow local authorities to roll out and utilise CCTV to catch illegal dumping is now in place and is expected to be fully operational by early 2023.
SECURITY & TECH
TikTok says staff in China have access to European user data
Other countries in which some TikTok staff have access to European user data include Brazil, Israel, Japan, Malaysia and the Philippines.
Cyber-attacks on small firms: The US economy's 'Achilles heel'?
Small businesses play a critical role in the economy but are more vulnerable to cyber-attacks.
US convenes over 30 countries to address ransomware as hacks of hospitals, critical infrastructure continue
The Biden administration will convene three-dozen allied governments on Monday and Tuesday for a fresh round of talks on how to stem the tide of ransomware attacks that have disrupted critical infrastructure firms around the world and cost businesses many millions of dollars.
Online age-verification system could create ‘honeypot’ of personal data and pornography-viewing habits, privacy groups warn
As the UK government develops online safety guidelines, digital rights groups says any approach requiring the use of ID is ‘invasive and risky’.
UK police use of live facial recognition unlawful and unethical, report finds
Police should be banned from using live facial recognition technology in all public spaces because they are breaking ethical standards and human rights laws, a study has concluded.
UK NCSC: Weekly Threat Report
The NCSC's threat report is drawn from recent open source reporting.
DATA BREACH
Thomson Reuters collected and leaked at least 3TB of sensitive data
The multinational media conglomerate Thomson Reuters left a database with sensitive customer and corporate data exposed online
Medibank now says hackers accessed all its customers’ personal data
Australian insurance firm Medibank has confirmed that hackers accessed all of its customers' personal data and a large amount of health claims data during a recent ransomware attack.
ENFORCEMENT
ICO and Cabinet Office reach agreement on New Year Honours data breach fine
The UK Information Commissioner has agreed to reduce the £500,000 Monetary Penalty Notice (MPN) imposed on the Cabinet Office in 2021 in relation to the New Year Honours data breach to £50,000, which the Cabinet Office has agreed to pay, reflecting our new approach to working more effectively with public authorities.
More on the latest GDPR enforcement news can be found on:
RESOURCES
Podcast: Grumpy GDPR - No harm, no foul with Max Schrems
😤 Just how grumpy is Max Schrems, Miloš and Rie about the recent CJEU Advocate Opinion on conditions for the right to compensation under the GDPR?
ENISA Threat Landscape 2022
This is the tenth edition of the ENISA Threat Landscape (ETL) report, an annual report on the status of the cybersecurity threat landscape. It identifies the top threats, major trends observed with respect to threats, threat actors and attack techniques, as well as impact and motivation analysis. It also describes relevant mitigation measures.
CONTRIBUTE
Have an interesting article, book, video, podcast or other resource that you would like to share with fellow privacy practitioners? Please do drop me a note.